<?php
session_start();
$username =$_POST["username"];
$pswd = $_POST['password'];
$sql = 'select * from `looding` where `username` = \''.str_replace("''",'',$username).'\'';
$sqli = new mysqli('localhost','root','root',"php");
$rs = $sqli->query($sql);
$row = $rs->fetch_assoc();

if(!$row) echo "用户名未找到<br/>";
else{

    $passwordindb =$row["password"];
    if($passwordindb != $pswd){
        echo "密码错误<br/>";
        
    }else{
        //让服务器记住，当前这个访问者已经用过这个密码

        $_SESSION["user"] = $row;
        //密码验证成功
        //setcookie("user",$row["username"]);
 
       Header("Location: art_list.php");
    }

}